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September 21, 2001 

Attn: Richard Davidson 
~~HageliiT& Company" " " t 

Phone:908-707-4400 
Fax: 908-707-4408 

Dear Mr. Davidson, 

Upon reviewing our meeting notes the following is a cost estimate regarding the installation 
and set-up of a new server, also set-up and custom program database application. We 
estimate roughly two to three weeks from acceptance and deposit to having an initial 
prototype online, regardless of server status. 

Hagelin server set-up and application software estimate: $4,500.00 

Note this price estimate does not include secure certificate or server hardware costs. 

Our recommendations and specifications: 

0 

Initially, the Hagelin site will be very low load, and could be served with nearly any 
Pentium X-class workstation, provided the hardware is supported by the FreeBSD (or 
Linux, but preferably FreeBSD) operating system. 

However, there a few things to consider if opting to "save on the hardware n now and use a 
"recycled" PC or low-end hardware. Hie first issue is reliability. Your server will ultimately 
be replacing yow/ current database of flavor types. Although this is a rather small, and very 
static database, what are the implications of a loss of data due to a hardware failure? . 

Another issue to consider is scalability. Although the current application is relatively small 
in scope, are there any longer-term plans for additional web enabled data management 
services? While purchasing low-end hardware may initially save some money, as systems 
grow larger and more complex it becomes more difficult to "move" an application onto new 
hardware than install more memory, another drive or another processor into a server which 
supports these capabilities. 

Intel-based computer prices are vejy reasonable, and highly reliable and scalable tack- 
mount (or tower) savers are available from anywhere between $1500 and SI 5,000. 

The fact that you have an existing in-house network presents more options when 
determining server configurations. Assuming the internal LAN uses IP networking and 
"non-routable" addresses; a very secure and reliable solution (which could offer nearly 
seamless backup and recovery) would be to run two servers which-are essentially mirrored: 



FROM : DC Helms Inc. 



FAX NO, : 988859441 4 



Aug. 25 2006 03:38PM P19 



Run the database engine on one server, on only the internal network, and run the web server 
on both the non-routable inieraal network and the internet. This configuration provides the 
following advantages: 

• During multi-server operation, the database can not be reached directly from the 
internet, only via the web application server. 

•* Timely backups of the database can be made and stored on either the web server or 
external media, which can be used by the web server in the event of a hardware 
failure on the database server. 

• In the event that the interhet web server fails; the database is intact on another 
machine which can be quickly configured to run the web server daemon. 

• In the event that the database server fails, ther web server can be quickly configured 
to start the database engine locally, using a recent backup. 

• In the event that the web server is "hacked", only the application software would be 
"lost", not any sensitive data behind the application. 

Whether you opt for a single or multi-server solution, any servers used should have multiple 
- network cards. Since their database will be used both locally and via the internet, in the 
event of any lack of internet service, the cost of not being able to access the database will 
most likely far outweigh the $ 100 spent on additional network card. 

D.C. Helms Inc. only builds applications using software foundations (such as the Apache 
web server and MySQL Relational Database Management System) which are reliable, 
scalable and configurable to meet your current and future needs, so it makes sense to run 
your application on scalable hardware. Additionally, all internet based applications which 
use database backeods are designed in such a way that they can quickly attach to a database 
on any external server which supports both the database and the connection request This 
provides a nearly limitless array of data management, preliminaiy testing and recovery 
solutions. 

Hardware: \ 

(1) PIU I GHz Processor ou dual or quad processor motherboard 
• (1) 512MB PC 133 SDRAM 

(2) Intel Pro 1 00 MB ethemet network cards 
(1) TNT2 AGP graphics adapter (8 - 32 Mb) 

(1) Adaptec AHA29 160 SCSI Controller 

(2) 18GB 10,000 RPM ultra SCSI-1 60 drives 
(1) PS/2 Keyboard 

(1) PS/2 Mouse 
(1) Monitor... any 

Operating System: 

FreeSSD 4.3 (or current stable) 

Server Software: 

Apache L3120 (or current stable) web server 
SSH (default on FreeBSD systems) 
PHP 4.0.6 (or cuiTent stable) 
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MySQL 3.23.41 (or current stable) 
PostgreSQL 7. 1.3 (or current stable) 
PerJ 5.6 interpreter 

GIMP 1.2.x (GNU Image Manipulation Program) 
gtk current stable 
gec compiler 

Please view the "Hardware* links from bitpVAvww.fieebsd.org . 

. Perhaps more specifically: 
http://www.apachc.c9m 
http://ww.freebsdsystems.com 
http://www.terasolirtiQns.com (TS5 1 1 0) 

Most of these companies also provide very reasonable (if not inclusive) service 
agreements for the servers they provide. 

Application Requirements 

- Session, Security and User Management 

The Hagelin application will need a flexible and secure method of managing users which 
will be connecting to their application and database via the internet. Security can be 
achieved and managed at levels, including: 

• Connection level security. Secure sockets, which allows encrypted data to be 
t^sfened over public networks and decrypted only by parties of the socket 

" SeS'SoS ^f SeSSi u n S6CUri * mana e e ™ nt > vvhich assures that web 
S M^ffZ? Parties, regardless of their connection type. 

Session Management is used to associate a users login name with a specific user 
level, which m turn is checked prior to deliveringxontent. 

• Data File Security Assuring that raw data files used by the database server can not 
be accessed directly via the internet server can not 

(SU f 85 .aaonymous FTP, telnet, etc) A completelyTeb- 

alSl^ 
Searching Flavor Type Database 
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Gathering Session Data and Search Criteria For Order Preparation" 

The Hagelin application requires that my successful search and match made by the user can 
be used to generate a pick ticket / shipping invoice. Since users are automatically associated 
with their respective client information upon fogging into the system, associating session 
data with an order entry is necessary, and automatic. 

• Users need to be able to select between a 1 2 or 4 oz. sample size. 
— •— Tbe-appHcation 

• The Hagelin application also requires a method of assuring that users aren't "abusing 
their samples* privileges; a tracking system which manages how many samples are 
delivered per individual client. 

Maintaining Database 

- Hagelin application will require that there be a completely browser based application 
for input and maintenance of the database tables required by the application. 

Implementation and Deployment 

Hagelin requires that their application be ready for initial testing by mid/late November 
2001 , with "fiill-scale" deployment in early 2002. The interim period between November 
2001 and January 2002 shall be used for fine-tuning and usability testing, based on feedback 
from clients and Hagelin personnel. 

Network Requirements & Recommendations 

The single most important aspect of network service when delivering web-based 
applications (aside from the reliability!) is the absolute necessity for static IP addresses. 
Though DSL may appear to be a very cost-effective means to high speed network access, IP 
addresses are often dynamically set (which is absolutely unacceptable when naming a web 
server!), and many DSL providers have clauses in their service agreements which limit (or 
completely preclude) the use of their service for the purpose of running a web server. 

Additionally, while most DSL lines offer very respectable download speeds, their upload 
speeds are usually only a fraction of their download speeds... which is great for surfing the 
internet, but not so great for "serving 15 the internee 

DSL should be used'only if: 

• Your DSL service provider can provide you with static IP addresses; 

• Your DSL service provider has no limitations on bandwidth usage or running 
web servers on your bandwidth; " & 

• Your DSL service provider understands, appreciates and can service you even 
though youVe NOT using a Mac or Win32 (95/98, Windows NT, Windows 
2000) operating system. Just remind them that the internet was designed and 
built on Unix! 
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Initially, the Hagelin server will be very low load and could probably get by with 128K or 
network bandwidth. This should easily support up to 3 or 4 simultaneous connections with 
negligible impact on a client accessing the server via a dialup connection. Keep in mind that 
the connection "lifecycle" is typically quite short; a request to the web server is answered in 
a very short aniount of time (often less than a second), then connection is idle (if waiting for 
the next IITTP/1 . 1 request), then the connection is closed. Most network latencies 
experienced by web users are between their PC and their internet service provider. 

The most feasible long-term solution would be Tl service, if the intent is to run the servers 
in house. Though it's not as expensive as it was a few years ago, expect to spend at least a 

~ few hundred dollars a : month forJll.; j>lus Jheexr^ 

Internet Service Providers often offer "fractional- Tl service (less bandwidth for less 
' money), and otter options. 

When compared to the cost of remote hosting (which often guarantees 1 00% network 
connectivity via multiple T3 or optical backbones and 99.98% server uptime), in-house 
hosting can^prove to be an expensive hosting option. However, broadband service into the 
Hagelin facility can offer more than just a backplane for a web server, the same bandwidth 
can be Used for high-speed network service for the entire in-house network. 

Costs are based on the specifications above and any extra work will be billed accordingly. 
Please call if you need any clarifications or have further questions 908-859-2000 
Thank you. 

Very truly yours 



Clint Helms 
D.C. Helms inc. 
www.dchelms.com 
clint@dchelms.com 



